Discovered op position individuals who could have possibly been traveling with the ships of interest . 


Our Approach 

* Queried over 900 towers and other selectors in MAINWAY/SEDB in attempt 
to discover any identifiable selectors around the coordinates of interest. 

• Created another query based on identified selectors of interest to pull for 
any cell fan information in order to more precisely locate each selector of 
interest. 

* Queried in SEDB ship data on the ships of interest and plotted the track the 
ships took into 

• Identified selectors by cell fan information seen near the ports where the 
ships of interest had docked. Also correlated any selectors moving in 
relation to the ships' movements using cell fan data. 














Mission Example and Result: The HAPPYFOOT analytic aggregates leaked location-based service / location-aware application data 
to infer IP addre ss geo-locat ions. SDS ident ified ‘Public’ and 'private' usage of the same IP address that caused HAPPYFOOT to 
assign ^^^|netblocks to^^^^^lgeo-locatlons (the IP address was used in both countries). This private network is now 
being realmed and properly geo-located. Ongoing work will solve this realming problem for networks affecting other cloud analytics. 





Our App roach 

•Tracked ^(target's converged communications and CNE accesses. 

• Monitored passive internet traffic; created automated processes where 
possible (XKS ANCHORMAN, Workflows, Fingerprints). 

• Provided TAO/GCHQ with WLLids/DSL accounts, Cookies, 
GooqiePREFIDs to enable remote exploitation. 

• Partnered with NGAand R4 to confirm locations and USRP equipment 
based on collected photographs. 

• Drove CNE collection and partnered with TAO to increase USRP 
specific endpoint accesses. 

• Provided knowledge to interagency partners for potential on the ground 
survey options and FBI-led intelligence guiding efforts. 
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(S//SI//REL TO USA, FVEY) Metadata/Target Discovery: Analyze DNR/DNI/Convergence 
metadata for target discovery, identify gaps in collection, processing, and analytic 
methodologies; Improve metadata collection and processing; Create analytics that 
automate or improve analytic methodologies; Conduct target discovery through multipl 
technology thrusts, including endpoint, web-based technologies/services, mobile 
applications and networks, geo-location analysis, correlations/identity Analysis, Social 
Network Analysis; Collaboration/facilitation with TAO, S3, CIA, ODNI, SSO, CES, and SSG 
centers. 



